<?php require_once('Connections/local.php'); ?>
<?php

session_start();
if (!isset($_SESSION['MM_COD_USUARIO']))
    header("location:login.php");
	if (($_SESSION['MM_ROLE'] == 'socio'))
    header("location:pagina.php");
	
	?>
<?php
	
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO pista (NOMBRE_P, Deporte) VALUES (%s, %s)",
                       GetSQLValueString($_POST['NOMBRE_P'], "text"),
                       GetSQLValueString($_POST['Deporte'], "text"));

  mysql_select_db($database_local, $local);
  $Result1 = mysql_query($insertSQL, $local) or die(mysql_error());

  $insertGoTo = "borrar.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}
?>
<html>
<body>
<link rel="stylesheet" href="css/formulario.css" type="text/css">

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<div id="stylized" class="myform">

<label>Nombre de la pista</label><input type="text" name="NOMBRE_P" type="text"><br>

<label>Deporte que se practicar&aacute; en la pista</label><input type="text" name="Deporte" type="text"><br>
<input type="submit" value="Insertar registro"></td>
 
<input type="hidden" name="MM_insert" value="form1">

</form>
</div>